Presentation: Automated Attack Tree Generation
When: Sept. 29, 2015, 12:30-13:30
Where: Carré 2K
Who: David Huistra
Attack Trees that model the possible attacks are used for qualitative and quantitative security analysis of systems and organizations. For larger systems/organizations, manually developing attack trees can become a labor intensive and error prone task.
This project looks into automatically generating attack trees given a model of the system/organization. The project looks into several steps including basic attack routes generation, attack tree refinement with domain specific attacks and refinement of basic attack steps with attributes, such as a probability of success.